﻿@{
    // Set the layout page and page title
    Layout = "~/tpl/_layout.cshtml";
    PageData["PageTitle"] = "Password Reset";

    var errors = new Dictionary<string,string>();
    var passwordResetToken = Request.Form["resetToken"] ?? Request.QueryString["resetToken"];
    var disabledAttribute = "";

    bool isValid = true;
    bool tokenExpired = false;
    bool isSuccess = false;

    if (IsPost) 
    {
        var newPassword = Request["newPassword"];
        var confirmPassword = Request["confirmPassword"];

        if (newPassword.IsEmpty()) 
        {
            errors.Add("newPasswordError", "Please enter a new password.");
            isValid = false;
        }

        if (confirmPassword != newPassword) 
        {
            errors.Add("confirmPasswordError", "The password confirmation did not match the new password.");
            isValid = false;
        }

        if (passwordResetToken.IsEmpty()) 
        {
            errors.Add("passwordResetTokenError", "Please enter your password reset token. It should have been sent to you in an email.");
            isValid = false;
        }

        if (isValid) 
        {
            if (WebSecurity.ResetPassword(passwordResetToken, newPassword)) 
            {   
                disabledAttribute = "disabled";
                isSuccess = true;
            }
            else 
            {
                errors.Add("passwordResetTokenError", "The password reset token is invalid.");
                tokenExpired = true;
                isValid = false;
            }
        }
    }
}

@if (!isValid) 
{
    <div>
        @if (tokenExpired) 
        {
            <span>The password reset token is incorrect or may be expired. Visit the <a href="ForgotPassword">forgot password page</a> to generate a new one.</span>
        }
        else 
        {
            <span>Could not reset password. Please correct the errors and try again.</span>
        }
    </div>
}

@if (isSuccess)
{
    <div>
        Password changed! Click <a href="@Href("~/Account/Login")">here</a> to log in.
    </div>
}

<fieldset>
    <legend>Password Change Form</legend>
    <p>
        Please type in your new password below and click the <em>Reset Password</em> button to change your password.
    </p>
    <form method="post" action="">
        <div>
            <label for="newPassword">New Password:</label> 
            <input type="password" name="newPassword" @disabledAttribute/>
            @if (errors.ContainsKey("newPasswordError"))
            {
                <span>@errors["newPasswordError"]</span>
            }
        </div>
        <div>
            <label for="confirmPassword">Confirm Password:</label> 
            <input type="password" name="confirmPassword" @disabledAttribute/>
            @if (errors.ContainsKey("confirmPasswordError")) 
            {
                <span>@errors["confirmPasswordError"]</span>
            }
        </div>
        <div>
            <label for="resetToken">Password Reset Token:</label> 
            <input type="text" name="resetToken" value="@passwordResetToken" @disabledAttribute/>
            @if (errors.ContainsKey("passwordResetTokenError"))
            {
                <span>@errors["passwordResetTokenError"]</span>
            }
        </div>
        <div>
            <input type="submit" value="Reset Password" @disabledAttribute/>
        </div>
    </form>
</fieldset>